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What is claimed is: 

1 . A method for automatically providing enhanced and secure access to a group 
of users initiated by a non-technically trained user on a computer network 
without the intervention of information systems personnel comprising the steps 

5 of: 

1 ) receiving a request from the a user to establish the group of users; 

2) configuring a network infrastructure to support the group; 

3) providing a group identifier; 

4) allowing users to join the group according to the group identifier; 

10 5) further configuring the network infrastructure to support the joining 

users; and 

6) dissolving the group based on predetermined rules. 

2. The method of claim 1 wherein the group of users is composed of one or more 
1 5 than one users. 

3 . The method of claim 1 wherein the network infrastructure includes a physical 
local area network. 

20 4. The method of claim 1 wherein the step of configuring a network includes the 

step of establishing a virtual local area network on a physical local area 
network. 

5 . The method of claim 1 wherein the step of configuring a network infrastructure 
25 includes the step of configuring switches that are IEEE802. 1Q compliant. 

6. The method of claim 5 wherein the step of configuring switches includes a use 
of Q-tag. 
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The method of claim 1 wherein the step of providing a group identifier includes 
the step of providing a group name and password. 
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The method of claim 1 wherein the step of allowing users to join the group 
according to the group identifier includes the step of allowing users to join the 
group according to a group name and password. 

The method of claim 1 wherein the step of further configuring the network 
infrastructure includes the step of configuring the switch port that the user is 
connected to with a VLAN associated with the group. 

The method of claim 1 wherein the step of dissolving the group includes 
revoking the group identifier. 

The method of claim 10 wherein the step of dissolving further includes the 
step of returning ports of switches supporting a VLAN associated with the 
dissolved group to the default state and removing all references to the VLAN 
associated with the dissolved group from the switches. 

A method for dynamically managing pools of IP addresses on a computer 
network with different characteristics and moving a user from pool to pool as 
required comprising the steps of: 

1) maintaining a registry of user records and associated sets of 
characteristics; 

2) further maintaining a registry of IP address pools with associated sets 
of characteristics; 

3) receiving a request from a user to switch from a first set of 
characteristics to a second set of characteristics; 

4) modifying the user record in the registry so that the set of 
characteristics associated with the user matches the second set of 
characteristics; and 

5) assigning an IP address to the user from the IP address pool associated 
with the second set of characteristics. 
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13. The method of claim 12 wherein the pools of IP addresses include a pool of 
routable IP addresses. 

14. The method of claim 12 wherein the pools of IP addresses include a pool of 
non-routable IP addresses. 

15. The method of claim 12 wherein the step of receiving a request from a user 
includes a step of receiving a request for a set of characteristics including a 
routable IP address from a user whose first set of characteristic includes a 
non-routable IP address. 



16. The method of claims 12 wherein the step of modifying the user record 
includes the step of modifying the user record in the registry so that the set of 

1 5 characteristics including a non-routable IP address associated with the user is 

changed to a set of characteristics including a routable IP address. 

17. The method of claim 12 wherein the step of modifying the user record 
includes the step of changing the set of characteristics associated with the user 

20 from a set of characteristics including a non-routable IP address to a set of 

characteristics including a routable IP address. 

1 8 . The method of claim 1 2 wherein the IP address pool associated with the second 
set of characteristics is a pool of routable IP addresses. 

25 

19. The method of claim 12 wherein the step of maintaining a registry further 
comprises the step of mapping a user to a set of characteristics and mapping a 
set of characteristics to an address pool. 
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A method for providing a routable IP address to a remote computer comprising 
the steps of: 
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1) providing a pool of routable IP addresses on a server; 

2) receiving at the server a request from the remote computer to establish 
an IP tunnel between the remote computer and the server; 

3) establishing an IP tunnel between the remote computer and the server; 

4) further receiving a request from the remote computer through the tunnel 
for the routable IP address from the server; and 

5) further providing the routable IP address to the remote computer from 
the server through the tunnel. 

The method of claim 20 wherein the step of further providing the routable IP 
address comprises the step of providing a routable IP address by using DHCP. 

The method of claim 20 wherein the step of receiving a request comprises the 
step of receiving a request through the Internet. 

The method of claim 20 further comprising the step of maintaining information 
associated with the provided routable IP address. 

The method of claim 20 wherein the step of providing a pool of routable 
addresses comprises the step of registering the request. 

A computer readable medium containing the computer instructions for 
executing in a computer of the method of claim 1. 

A computer readable medium containing the computer instructions for 
executing in a computer of the method of claim 12. 

A computer readable medium containing the computer instructions for 
executing in a computer of the method of claim 20. 
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A server to provide enhanced and secure access to a group of users initiated by 
a non-technically trained user on a computer network without the intervention 
of information systems personnel comprising: 

1 ) a registration module to receive a request including a group identifier 
from the user; 

2) a registration driver to register the user to access the group of users, 
assign the group of users and maintain registration information and 
state information of a network infrastructure associated with the group 
of users; 

3) a module to assign VLAN tags based on registration status; and 

4) a packet driver module to insert/remove VLAN tags from packets based 
on registration status. 

The server of claim 28 wherein the VLAN tags are Q-tags of IEEE802.1Q . 

The server of claim 28 wherein the state information of a network 
infrastructure is information on the switches that are IEEE802.1Q compliant. 

The server of claim 28 wherein the module to construct VLAN tags comprises 
the SNMP module. 

The server of claim 28 wherein the module further comprises a web based user 
interface. 

The server of claim 28 wherein the group identifier includes a group name and 
password. 

The server of claim 28 wherein the request includes the request for creating the 
group of users. 
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35. The server of claim 28 wherein the request includes the request for showing 
information associated with the group of users. 

36. The server of claim 28 wherein the request includes the request for deleting the 
group of users. 

37. A server for dynamically managing pools of IP addresses on a computer 
network with different characteristics and moving a user from pool to pool as 
required comprising: 

1) a module to receive a request from a user to switch from a first set of 
characteristics to a second set of characteristics; 

2) a registration driver to register the user and assign an IP address to the 
user from IP address pools associated with the second set of 
characteristics, and maintain a registry of user records, associated sets 
of characteristics and IP address pools with associated sets of 
characteristics; and 

3) a DHCP module to issue an address switching request to the 
registration driver and receive IP addresses from the registration driver 
and allocate IP addresses to users. 

38. The server of claim 37 wherein the pools of IP addresses include a pool of 
routable IP addresses. 

39. The server of claim 37 wherein the pools oflP addresses include apool of non- 
routable IP addresses. 

40. The server of claim 37 wherein the module comprises a web based user 
interface to receive the request. 
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The server of claim 37 wherein the first set of characteristics is routable and 
the second set of characteristics is non-routable. 
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The server of claim 37 wherein the second set of characteristics is routable and 
the first set of characteristics is non-routable. 

The server of claim 37 wherein the registration driver temporarily releases the 
IP address. 

A server for providing a routable IP address to a remote computer comprising: 

1) a module to receive a request from the remote compute through a 
tunnel for the routable IP address; 

2) a registration driver to assign the routable IP address to the remote 
computer from a pool of routable IP addresses and establish an IP 
tunnel ;and 

3) a DHCP module to provide the routable IP address to the remote 
computer through the tunnel. 

The server of claim 44 wherein the registration module comprises a web based 
user interface to receive the request. 

The server of claim 44 wherein the registration driver maintains information 
associated with the provided routable IP address. 

The server of claim 44 wherein the registration driver further comprises a pools 
of non-routable IP addresses. 



